<?php

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */


class PostsController extends AppController{
    public $helpers= array('Html','Form','Js');
    public $component=array('RequestHandler');
    
    //AUTORIZACION
    public function isAuthorized($user) {
        // All registered users can add posts
        if (in_array($this->action, array('add', 'view','validate_form'))) {
            return true;
        }

        // The owner of a post can edit and delete it
        if (in_array($this->action, array('edit', 'delete'))) {
            $postId = $this->request->params['pass'][0];
            if ($this->Post->isOwnedBy($postId, $user['id'])) {
                return true;
            }
        }

        return parent::isAuthorized($user);
    }
    
    
    
    public function index(){
        $this->set('posts',  $this->Post->find('all'));
        //var_dump($this->Auth->user('id'));
    }
    
    public function view($id = null) {
        $this->Post->id = $id;
        $this->set('post', $this->Post->read());
    }
    public function validate_form(){
        if($this->request->is('ajax')){
            $field = $this->request->data['field'];
            $value = $this->request->data['value'];
            $this->request->data['Post'][$field] = $value;
            $this->Post->set($this->data);
            if($this->Post->validates()){
                $this->autoRender=FALSE;
            }
            else{
                $error=$this->validateErrors($this->Post);
                $this->set('error',$error[$field]);
                $this->layout='ajax';
            }
        }
    }
    
    public function add(){
        if ($this->request->is('post')){  //ZP: se verifica en con CakeRequest::is() si es un HTTP POST request
            $this->request->data['Post']['user_id'] = $this->Auth->user('id'); //Added this line
            $post=$this->request->data;
            if($this->Post->save($post)){
                if($this->request->is('ajax')){
                    $this->layout='ajax';
                    $this->render('success','ajax');
                }
                else{
                    $this->Session->setFlash('Your post has been saved.'.$post['Post']['id']);
                    $this->redirect(array('action'=>'index'));
                }
            }
            else{
                $this->Session-> setFlash('Unable to add your post');
            }
        }
    }
    public function edit($id = null) {
        $this->Post->id = $id;
        if ($this->request->is('get')) {
            $this->request->data = $this->Post->read();
        } else {
            if ($this->Post->save($this->request->data)) {
                $this->Session->setFlash('Your post has been updated.');
                $this->redirect(array('action' => 'index'));
            } else {
                $this->Session->setFlash('Unable to update your post.');
            }
        }
    }
    public function delete($id) {
        if ($this->request->is('get')) {
            throw new MethodNotAllowedException();
        }
        if ($this->Post->delete($id)) {
            $this->Session->setFlash('The post with id: ' . $id . ' has been deleted.');
            $this->redirect(array('action' => 'index'));
        }
    }
    
    
    
    
}
?>
